The Dissatisfied Sysadmin Hacked the Network of the Former Employer
By Prempal Singh
The Federal Court of Minnesota recognized 46-year-old Christopher Victor Grupe (Christopher Victor Grupe) guilty of deliberately damaging the computer network of his former employer, the railway company Canadian Pacific Railway (CPR).
From September 2013 to December 2015, Grupe worked as an IT specialist in the CPR. The company is based in Alberta, Canada and is the operator of the transcontinental railroad.
In December 2015, Grove was suspended from work for 12 days for shouting and using obscene language in a conversation with the management. After returning to work Grupe was dismissed for violation of subordination. He promised in the near future to return his corporate laptop, a device for remote access and a badge.
However, before returning the devices, Gruppe, having access to the network switches of the company, deleted administrator accounts, changed passwords and deleted log files. Then the attacker cleared the laptop and returned it to the CPR office on December 17, two days after the dismissal.
CPR employees found the damage only on January 6, 2016. IT specialists managed to restore access to the devices the next day, rebooting the switches, but this caused interruptions in the company’s work.
The memory of the switches still contained evidence of Grupe’s intervention. The company attracted an outside firm to help with the investigation, and later notified the authorities. CPR estimated the damage caused by the former employee, about $ 30 thousand.
April 11 this year, the attacker was charged with deliberately damaging the computer network, and in early October he was found guilty. The date of final sentencing has not yet been appointed.